On December 18, the Financial Crimes Enforcement Network (“FinCEN”) issued a proposal to impose on banks and money service businesses (“affected institutions”) a new set of rules for digital currency transactions involving “unhosted” digital asset wallets (i.e., wallets that are not provided by a financial institution or other service and reside instead on a user’s personal device or offline). The proposed rule states that, for the purposes of these new requirements only, the definition of “monetary instruments” at 31 U.S.C. § 5312(a)(3) would be expanded to include convertible virtual currency and digital assets with legal tender status. If adopted, the rule will create significant obligations for recordkeeping, reporting, and identity verification requirements.
As a preliminary matter, FinCEN’s rulemaking proposal appears to target transactions involving a counterparty that does not have an account with, or wallet hosted by, either: (i) a financial institution regulated under the Bank Secrecy Act (“BSA”); or (ii) certain foreign financial institutions located in “problematic” jurisdictions (i.e., “jurisdictions of primary money laundering concern,” including Iran and North Korea). In this respect, differentiating between hosted and unhosted wallets is something of an open question – FinCEN proposes that affected institutions will need a “reasonable basis” to conclude that a counterparty has an account or wallet hosted by a BSA-regulated institution or covered foreign financial institution.
For transactions involving an unhosted or otherwise covered wallet, and where the value of the transaction is greater than $10,000, the proposed rule would require affected institutions to submit a detailed report to FinCEN. This report, analogous to a Currency Transaction Report (“CTR”), must contain the following information, among other things:
- The full name and physical address of the financial institution’s client.
- The name and physical address of “each counterparty to the transaction of the financial institution’s customer.”
- The amount and type of virtual currency or digital asset being transacted.
- The “assessed value of the transaction” in U.S. Dollars.
- All other information that “uniquely identifies the transaction, the accounts, and, to the extent reasonably available, the parties involved.”
In addition to the above requirements, the proposed rule would require affected institutions to maintain records and verify the identity of their customers engaging in transactions involving the withdrawal, exchange, or other payment or transfer by, through, or to unhosted wallets, where the amount involved is greater than $3,000. The proposed rule would also impose an aggregation requirement in cases were the affected institution is aware that a transaction is one of multiple virtual currency transactions involving a single person within a 24-hour period that amount to greater than $10,000. Notably, the 24-hour measurement period would be different from the business-day measurement period for cash transactions. Relatedly, the proposed rule also differs from the cash CTR requirements to aggregate transactions across all affected institutions’ “offices and records,” including foreign offices. The proposed rule also would amend and expand the regulations which prohibit structured transactions, in order to extend the prohibition to efforts to avoid the proposed reporting requirement for digital currency transactions.
As the proposed rule observes, FinCEN and the Federal Reserve also recently proposed regulatory amendments to “clarify” that the “Recordkeeping Rule” and “Travel Rule” apply to all transactions involving convertible virtual currency and digital assets with legal tender status, and to lower the threshold for these rules from $3,000 to only $250 for cross-border transactions. As we have blogged, the digital currency industry has lamented the onerous standards of the Travel Rule, arguing that implementing this requirement would be near impossible and actually would drive digital currency users to unregulated and anonymous platforms. The practical problem with applying the Travel Rule – as well as the new proposed rule discussed in this post – to the digital currency industry is that, unlike the traditional banking community, which already has established mechanisms for communication amongst institutions – including through the SWIFT system – the still-emerging digital currency industry lacks such established mechanisms.
To be sure, the proposed rule has not been without criticism. For one, FinCEN has permitted only a limited comment period (affected institutions and the general public have until January 4, 2021 to comment on the rule). Moreover, the agency appears set to promulgate a final rule with near-immediate effect, thus dispensing with the 30-day period usually required between announcement of a final rule and when the rule takes effect. As set forth in the preamble, FinCEN’s justification for both the truncated comment period and nearly immediate effect rests on foreign affairs implications and the enforcement need for prompt action. For example, the preamble states that “undue delay in the implementation of the proposed rule would encourage movement of unreported or unrecorded assets implicated in illicit finance.” Those justifications appear to be untested, and FinCEN’s shortened comment period and implementation window may well attract a legal challenge.